5 minute read
Gabrielle Raymundo
GABRIELLE RAYMUNDO
Gabrielle Raymundo grew up in the Greater Western Sydney area, in Blacktown, and is nearing the end of a Certified Cyber Security Professional course at the Australian Institute of ICT under the Australian Women in Security Network’s Security Pathway Program.
Certified Cyber Security Professional course, at the Australian Institute of ICT
Suppose you met an old friend from your last year at school who, knowing nothing about cybersecurity or what you do, asks you what you are doing. How do you answer them to ‘sell’ them on the idea of a career in cybersecurity?
Cybersecurity is a fast-paced and ever-evolving science that is intertwined with every piece of technology, every organisation, and every person. It is the gateway into understanding how technology is embedded in our daily lives and, like technology, is ubiquitous in modern society.
Working in cyber security is a challenging and rewarding career that makes a tangible difference to peoples’ lives. You will never get bored as there is always a new and exciting thing to learn!
What was the reaction from parents, peers or career advisors to your decision to get into cyber? Did you face any opposition, if so, how did you feel about this?
Most of the people from my inner circle were surprised about my decision to jump into cyber security, let alone pursue a technical role as a security operations centre (SOC) analyst. My strengths were mainly in creativity and analysis, so most of my peers assumed I would take a job in interaction design or user experience.
After completing a rotation across four different security teams I found myself enjoying the role of a SOC analyst. I was able to use my creativity in problem-solving and suggesting new ways to improve our workflows, and I honed my love for learning as I delved into incident analysis. When they realised I could use my strengths in an exciting and fulfilling way, my parents and peers got onboard with the idea of me pursuing a role in the SOC.
What do you see has having been the most memorable and/or significant event in your cybersecurity journey to date, and why?
What initially sparked my interest in cyber security was my experience in the security awareness team. I helped organise the marketing for Woolworths Group’s Stay Smart Online Day. I was intrigued by the creativity and communication skills displayed and found I was not only making an impact on the awareness of my team members to different cyber threats, but able to educate them on ways they could keep themselves and their families safe online. After that project, I realised roles in cyber security were not reserved for technical specialists but were available to those with many other skills.
In addition to your studies, what employment experience do you have in cybersecurity?
Before starting my cyber security studies I completed an internship in the Woolworths Group Identity and Access Management team as part of my Bachelor of Information Technology degree at UTS. After graduating I returned to Woolworths under its cyber security graduate program, which prompted me to undertake additional study. During the two-year program I was exposed to a number of cyber security teams and took on roles in cyber awareness, identity and access management, cyber data and analytics and the security operations centre.
The cybersecurity industry abounds with certifications from multiple organisations. Have you gained, or do you plan to gain any of these, if so which ones, and why?
As part of the Australian Women in Security Network’s Certified Cyber Security Professional’s course with the Australian Institute of ICT (AIICT) my current focus is to complete the CompTIA A+, Security+ and Network+ certifications. Gaining these certifications would solidify my knowledge of the critical IT and security concepts needed to piece together the
environment and the controls needed to secure it. Furthermore, I hope to pursue certifications specific to my interests in security operations and reverse malware engineering such as the courses provided by Offensive Security or GIAC.
What aspect of your studies excites you the most?
I have always been the type of person who enjoys learning the intricacies of how different technologies work. Studying a course that covers such a broad range of foundational IT and security themes has been an exciting journey and has helped me in my current role as a SOC analyst, especially while triaging a variety of security incidents.
Do you see the need for, or plan to undertake, additional training in non-cyber skills to better equip you for a future role, eg interpersonal communications or management?
Learning soft skills tends to be overlooked. However, as we work in such a dynamic and growing industry, it is imperative to prioritise the development of communication, collaboration and management skills among cyber security professionals.
Threat actors are evolving quickly and we need individuals with strong interpersonal and management skills to educate the public about these threats and security behaviours, build trust with our customers, foster partnerships with other teams and industries and inspire future generations to join cyber security.
Even while working in the SOC, communicating findings and reporting trends in security incidents, it is vital to develop intelligence-driven defence for the company. With this in mind I am definitely considering studying a course in management or digital leadership in the future.
Are you involved in the wider cybersecurity community, eg AWSN, if so how, and what has been your experience?
Being a part of the AWSN Cadets program has definitely opened the doors to many learning opportunities. I participated in the AWSN Security Pathways programs and met like-minded individuals interested in digital forensics incident response (DFIR) at Hax4n6. I was surprised at the growth of the community and the support from the network. Joining the seminars was beneficial for learning the skills needed for my job, and connecting with women with diverse backgrounds in cybersecurity has motivated me to broaden my career horizons.
What is your favourite source of general information about cybersecurity?
My go-to sources for infosec news would be the Bleeping Computer, The Hacker News, and ThreatPost. I love learning about the latest threats, the chain of events in a cyber attack, and how security teams resolve a variety of incidents. I am also excited to come across a phishing campaign or malware I have read about in the news. So I try to keep up to date with as many sources as possible.
What measures do you have in place for your personal cybersecurity?
I am usually forgetful when it comes to remembering the passwords for all of my accounts, so I keep my accounts safe by using a password manager. It is a simple tool to securely store passwords, check password strength and generate unique and strong passwords for each account.
www.linkedin.com/in/gabrielle-raymundo
